Java Code Examples for com.google.api.client.googleapis.auth.oauth2.GoogleIdToken#Payload
The following examples show how to use
com.google.api.client.googleapis.auth.oauth2.GoogleIdToken#Payload .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: GoogleIdTokenVerifierTest.java From styx with Apache License 2.0 | 6 votes |
private String createToken() throws GeneralSecurityException, IOException { var issuedAt = Instant.now().getEpochSecond(); var expiredAt = issuedAt + 3600; // One hour later var payload = new GoogleIdToken.Payload(); payload.setAuthorizedParty("103411466401044735393"); payload.setEmail("some.email@project.iam.gserviceaccount.com"); payload.setEmailVerified(true); payload.setIssuedAtTimeSeconds(issuedAt); payload.setExpirationTimeSeconds(expiredAt); payload.setIssuer("https://accounts.google.com"); payload.setSubject("103411466401044735393"); GenericJson googleMetadata = new GenericJson() .set("compute_engine", new GenericJson() .set("instance_creation_timestamp", 1556025719L) .set("instance_id", "5850837338805153689") .set("instance_name", "gew1-metricscatalogbro-b-b7z2") .set("project_id", "metrics-catalog") .set("project_number", 283581591831L) .set("zone", "europe-west1-d") ); payload.set("google", googleMetadata); var header = new JsonWebSignature.Header().setAlgorithm("RS256"); return JsonWebSignature.signUsingRsaSha256(privateKey, Utils.getDefaultJsonFactory(), header, payload); }
Example 2
Source File: SocialLogin.java From PYX-Reloaded with Apache License 2.0 | 5 votes |
@Contract("null -> null") @Nullable public GoogleIdToken.Payload verifyGoogle(String tokenStr) throws BaseCahHandler.CahException { if (tokenStr == null) return null; try { GoogleIdToken token = googleHelper.verify(tokenStr); return token == null ? null : token.getPayload(); } catch (GeneralSecurityException | IOException ex) { throw new BaseCahHandler.CahException(Consts.ErrorCode.GOOGLE_ERROR, ex); } }
Example 3
Source File: GoogleAccount.java From PYX-Reloaded with Apache License 2.0 | 4 votes |
public GoogleAccount(ResultSet user, GoogleIdToken.Payload token) throws SQLException, ParseException { super(user, token.getEmailVerified()); subject = user.getString("google_sub"); }
Example 4
Source File: GoogleAccount.java From PYX-Reloaded with Apache License 2.0 | 4 votes |
public GoogleAccount(String nickname, GoogleIdToken.Payload token) { super(nickname, token.getEmail(), Consts.AuthType.GOOGLE, token.getEmailVerified(), (String) token.getOrDefault("picture", null)); this.subject = token.getSubject(); }
Example 5
Source File: CreateAccountHandler.java From PYX-Reloaded with Apache License 2.0 | 4 votes |
@NotNull @Override public JsonWrapper handle(User user, Parameters params, HttpServerExchange exchange) throws BaseJsonHandler.StatusException { if (banList.contains(exchange.getHostName())) throw new BaseCahHandler.CahException(Consts.ErrorCode.BANNED); PreparingShutdown.get().check(); String nickname = params.getStringNotNull(Consts.UserData.NICKNAME); if (!Pattern.matches(Consts.VALID_NAME_PATTERN, nickname)) throw new BaseCahHandler.CahException(Consts.ErrorCode.INVALID_NICK); if (connectedUsers.hasUser(nickname) || accounts.hasNickname(nickname)) throw new BaseCahHandler.CahException(Consts.ErrorCode.NICK_IN_USE); UserAccount account; Consts.AuthType type; try { type = Consts.AuthType.parse(params.getStringNotNull(Consts.GeneralKeys.AUTH_TYPE)); } catch (ParseException ex) { throw new BaseCahHandler.CahException(Consts.ErrorCode.BAD_REQUEST, ex); } switch (type) { case PASSWORD: if (!emails.enabled()) throw new BaseCahHandler.CahException(Consts.ErrorCode.UNSUPPORTED_AUTH_TYPE); String email = params.getStringNotNull(Consts.UserData.EMAIL); if (email.isEmpty()) throw new BaseCahHandler.CahException(Consts.ErrorCode.BAD_REQUEST); if (accounts.hasEmail(email)) throw new BaseCahHandler.CahException(Consts.ErrorCode.EMAIL_IN_USE); String password = params.getStringNotNull(Consts.AuthType.PASSWORD); if (password.isEmpty()) throw new BaseCahHandler.CahException(Consts.ErrorCode.BAD_REQUEST); account = accounts.registerWithPassword(nickname, email, password); emails.sendEmailVerification(account); break; case GOOGLE: if (!socialLogin.googleEnabled()) throw new BaseCahHandler.CahException(Consts.ErrorCode.UNSUPPORTED_AUTH_TYPE); GoogleIdToken.Payload googleToken = socialLogin.verifyGoogle(params.getStringNotNull(Consts.AuthType.GOOGLE)); if (googleToken == null) throw new BaseCahHandler.CahException(Consts.ErrorCode.GOOGLE_INVALID_TOKEN); if (accounts.hasEmail(googleToken.getEmail())) throw new BaseCahHandler.CahException(Consts.ErrorCode.EMAIL_IN_USE); account = accounts.registerWithGoogle(nickname, googleToken); break; case FACEBOOK: if (!socialLogin.facebookEnabled()) throw new BaseCahHandler.CahException(Consts.ErrorCode.UNSUPPORTED_AUTH_TYPE); FacebookToken facebookToken = socialLogin.verifyFacebook(params.getStringNotNull(Consts.AuthType.FACEBOOK)); if (facebookToken == null) throw new BaseCahHandler.CahException(Consts.ErrorCode.FACEBOOK_INVALID_TOKEN); FacebookProfileInfo facebookInfo = socialLogin.infoFacebook(facebookToken.userId); if (accounts.hasEmail(facebookInfo.email)) throw new BaseCahHandler.CahException(Consts.ErrorCode.EMAIL_IN_USE); account = accounts.registerWithFacebook(nickname, facebookToken, facebookInfo); break; case GITHUB: if (!socialLogin.githubEnabled()) throw new BaseCahHandler.CahException(Consts.ErrorCode.UNSUPPORTED_AUTH_TYPE); String githubToken = params.getString(Consts.AuthType.GITHUB); if (githubToken == null) throw new BaseCahHandler.CahException(Consts.ErrorCode.GITHUB_INVALID_TOKEN); GithubProfileInfo githubInfo = socialLogin.infoGithub(githubToken); if (accounts.hasEmail(githubInfo.email)) throw new BaseCahHandler.CahException(Consts.ErrorCode.EMAIL_IN_USE); account = accounts.registerWithGithub(nickname, githubInfo); break; case TWITTER: if (!socialLogin.twitterEnabled()) throw new BaseCahHandler.CahException(Consts.ErrorCode.UNSUPPORTED_AUTH_TYPE); String twitterTokens = params.getString(Consts.AuthType.TWITTER); if (twitterTokens == null) throw new BaseCahHandler.CahException(Consts.ErrorCode.TWITTER_INVALID_TOKEN); TwitterProfileInfo twitterInfo = socialLogin.infoTwitter(twitterTokens); if (accounts.hasEmail(twitterInfo.email)) throw new BaseCahHandler.CahException(Consts.ErrorCode.EMAIL_IN_USE); account = accounts.registerWithTwitter(nickname, twitterInfo); break; default: throw new BaseCahHandler.CahException(Consts.ErrorCode.BAD_REQUEST); } return account.toJson(); }
Example 6
Source File: RegisterHandler.java From PYX-Reloaded with Apache License 2.0 | 4 votes |
@NotNull @Override public JsonWrapper handle(@Nullable User user, Parameters params, HttpServerExchange exchange) throws BaseJsonHandler.StatusException { if (banList.contains(exchange.getHostName())) throw new BaseCahHandler.CahException(Consts.ErrorCode.BANNED); PreparingShutdown.get().check(); Consts.AuthType type; try { type = Consts.AuthType.parse(params.getStringNotNull(Consts.GeneralKeys.AUTH_TYPE)); } catch (ParseException ex) { throw new BaseCahHandler.CahException(Consts.ErrorCode.BAD_REQUEST, ex); } UserAccount account; String nickname; switch (type) { case PASSWORD: nickname = params.getStringNotNull(Consts.UserData.NICKNAME); if (!Pattern.matches(Consts.VALID_NAME_PATTERN, nickname)) throw new BaseCahHandler.CahException(Consts.ErrorCode.INVALID_NICK); account = accounts.getPasswordAccountForNickname(nickname); if (account == null) { // Without account user = new User(nickname, exchange.getHostName(), Sessions.generateNewId()); } else { String password = params.getStringNotNull(Consts.AuthType.PASSWORD); if (password.isEmpty() || !BCrypt.checkpw(password, ((PasswordAccount) account).hashedPassword)) throw new BaseCahHandler.CahException(Consts.ErrorCode.WRONG_PASSWORD); user = User.withAccount(account, exchange.getHostName()); } break; case GOOGLE: if (!socialLogin.googleEnabled()) throw new BaseCahHandler.CahException(Consts.ErrorCode.UNSUPPORTED_AUTH_TYPE); GoogleIdToken.Payload googleToken = socialLogin.verifyGoogle(params.getStringNotNull(Consts.AuthType.GOOGLE)); if (googleToken == null) throw new BaseCahHandler.CahException(Consts.ErrorCode.GOOGLE_INVALID_TOKEN); account = accounts.getGoogleAccount(googleToken); if (account == null) throw new BaseCahHandler.CahException(Consts.ErrorCode.GOOGLE_NOT_REGISTERED); nickname = account.username; user = User.withAccount(account, exchange.getHostName()); break; case FACEBOOK: if (!socialLogin.facebookEnabled()) throw new BaseCahHandler.CahException(Consts.ErrorCode.UNSUPPORTED_AUTH_TYPE); FacebookToken facebookToken = socialLogin.verifyFacebook(params.getStringNotNull(Consts.AuthType.FACEBOOK)); if (facebookToken == null) throw new BaseCahHandler.CahException(Consts.ErrorCode.FACEBOOK_INVALID_TOKEN); account = accounts.getFacebookAccount(facebookToken); if (account == null) throw new BaseCahHandler.CahException(Consts.ErrorCode.FACEBOOK_NOT_REGISTERED); nickname = account.username; user = User.withAccount(account, exchange.getHostName()); break; case GITHUB: if (!socialLogin.githubEnabled()) throw new BaseCahHandler.CahException(Consts.ErrorCode.UNSUPPORTED_AUTH_TYPE); String githubToken = params.getStringNotNull(Consts.AuthType.GITHUB); GithubProfileInfo githubInfo = socialLogin.infoGithub(githubToken); account = accounts.getGithubAccount(githubInfo); if (account == null) throw new BaseCahHandler.CahException(Consts.ErrorCode.GITHUB_NOT_REGISTERED); nickname = account.username; user = User.withAccount(account, exchange.getHostName()); break; case TWITTER: if (!socialLogin.twitterEnabled()) throw new BaseCahHandler.CahException(Consts.ErrorCode.UNSUPPORTED_AUTH_TYPE); String twitterTokens = params.getStringNotNull(Consts.AuthType.TWITTER); TwitterProfileInfo twitterInfo = socialLogin.infoTwitter(twitterTokens); account = accounts.getTwitterAccount(twitterInfo); if (account == null) throw new BaseCahHandler.CahException(Consts.ErrorCode.TWITTER_NOT_REGISTERED); nickname = account.username; user = User.withAccount(account, exchange.getHostName()); break; default: throw new BaseCahHandler.CahException(Consts.ErrorCode.BAD_REQUEST); } User registeredUser = users.checkAndAdd(user); if (registeredUser != null) user = registeredUser; exchange.setResponseCookie(new CookieImpl("PYX-Session", Sessions.get().add(user))); return new JsonWrapper() .add(Consts.UserData.NICKNAME, nickname) .add(Consts.UserData.IS_ADMIN, user.isAdmin()); }
Example 7
Source File: UsersWithAccount.java From PYX-Reloaded with Apache License 2.0 | 4 votes |
@NotNull public GoogleAccount registerWithGoogle(@NotNull String nickname, @NotNull GoogleIdToken.Payload token) { GoogleAccount account = new GoogleAccount(nickname, token); addAccount(account); return account; }